Multiple Choice
A security engineer discovers a PC may have been breached and accessed by an outside agent. The engineer wants to find out how this breach occurred before remediating the damage. Which of the following should the security engineer do FIRST to begin this investigation?
A) Create an image of the hard drive
B) Capture the incoming and outgoing network traffic
C) Dump the contents of the RAM
D) Parse the PC logs for information on the attacker
Correct Answer:
Verified
Correct Answer:
Verified
Q207: An enterprise is trying to secure a
Q208: The Chief Information Security Officer (CISO) of
Q209: A company wants to perform analysis of
Q210: A security engineer is working with a
Q211: A penetration tester is conducting an assessment
Q213: A Chief Security Officer (CSO) is reviewing
Q214: A security engineer is employed by a
Q215: Given the code snippet below: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1257/.jpg"
Q216: An information security manager is concerned that
Q217: As part of the asset management life